Convert-AzureRmSqlDatabaseVulnerabilityAssessmentScan

Converts a vulnerability assessment scan results to Excel format.

Important

Because Az PowerShell modules now have all the capabilities of AzureRM PowerShell modules and more, we'll retire AzureRM PowerShell modules on 29 February 2024.

To avoid service interruptions, update your scripts that use AzureRM PowerShell modules to use Az PowerShell modules by 29 February 2024. To automatically update your scripts, follow the quickstart guide.

Syntax

Convert-AzureRmSqlDatabaseVulnerabilityAssessmentScan
       [-InputObject <DatabaseVulnerabilityAssessmentScanRecordModel>]
       [-ScanId <String>]
       [-ServerName] <String>
       [-DatabaseName] <String>
       [-ResourceGroupName] <String>
       [-DefaultProfile <IAzureContextContainer>]
       [-WhatIf]
       [-Confirm]
       [<CommonParameters>]

Description

The Convert-AzureRmSqlDatabaseVulnerabilityAssessmentScan cmdlet converts a scan results, that resides in the customer storage, identified by the ScanId parameter to an Excel format placed in the storage defined by the Set-AzureRmSqlDatabaseVulnerabilityAssessmentSettings cmdlet. Note that you need to run Enable-AzureRmSqlServerAdvancedThreatProtection and Set-AzureRmSqlDatabaseVulnerabilityAssessmentSettings cmdlet as a prerequisite for using this cmdlets.

Examples

Example 1 - Converts a vulnerability assessment scan results annd save them to local disk

PS C:\>  Set-AzureRmSqlDatabaseVulnerabilityAssessmentSettings `
            -ResourceGroupName "ResourceGroup01" `
            -ServerName "Server01" `
            -DatabaseName "Database01" `
            -StorageAccountName "mystorage" 

PS C:\> Start-AzureRmSqlDatabaseVulnerabilityAssessmentScan `
            -ResourceGroupName "ResourceGroup01" `
            -ServerName "Server01" `
            -DatabaseName "Database01" `
            -ScanId "myScan"

PS C:\> $convert_scan_results = Convert-AzureRmSqlDatabaseVulnerabilityAssessmentScan`
									-ResourceGroupName "ResourceGroup01" `
									-ServerName "Server01" `
									-DatabaseName "Database01" `
									-ScanId "myScan" 
ResourceGroupName		: "ResourceGroup01"
ServerName		        : "Server01"
DatabaseName	    	: "Database01"
ScanId			        : "myScan"
ExportedReportLocation	: "https://myaccount.blob.core.windows.net/vulnerabilityAssessment/Server01/Database01/scan_myScan.xlsx"
							
PS C:\> $connection_string_to_storage_account = "DefaultEndpointsProtocol=https;AccountName=myaccount...."
PS C:\> $converted_scan_results_download_local_folder = "C:\Downloads\"
PS C:\> $storage_account_context = New-AzureStorageContext -ConnectionString $connection_string_to_storage_account
PS C:\> $convert_scan_result_splitted = $convert_scan_results.ExportedReportLocation -split "/"
PS C:\> $container_name = $convert_scan_result_splitted[3]
PS C:\> Get-AzureStorageBlobContent -Blob ($a -split $container_name + '/')[1] `
		   -Container $container_name `
		   -Destination $converted_scan_results_download_local_folder `
		   -Context $storage_account_context

Example 2 - Converts a vulnerability assessment scan results from a scan record

PS C:\> Get-AzureRmSqlDatabaseVulnerabilityAssessmentScanRecord `
                -ResourceGroupName "ResourceGroup01" `
                -ServerName "Server01" `
                -DatabaseName "Database01" `
                -ScanId "myScan" `
                | Convert-AzureRmSqlDatabaseVulnerabilityAssessmentScan

ResourceGroupName		: "ResourceGroup01"
ServerName		        : "Server01"
DatabaseName	    	: "Database01"
ScanId			        : "myScan"
ExportedReportLocation	: "https://myaccount.blob.core.windows.net/vulnerabilityAssessment/Server01/Database01
                            /scan_myScan.xlsx"

Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-DatabaseName

SQL Database name.

Type:String
Position:2
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:Microsoft.Azure.Commands.Common.Authentication.Abstractions.IAzureContextContainer
Aliases:AzureRmContext, AzureCredential
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-InputObject

The scan record object to use in order to convert a Vulnerability Assessment scan

Type:Microsoft.Azure.Commands.Sql.VulnerabilityAssessment.Model.DatabaseVulnerabilityAssessmentScanRecordModel
Position:Named
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-ResourceGroupName

The name of the resource group.

Type:String
Position:0
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-ScanId

Specifies the scan ID.

Type:String
Position:Named
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-ServerName

SQL Database server name.

Type:String
Position:1
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

Inputs

Microsoft.Azure.Commands.Sql.VulnerabilityAssessment.Model.DatabaseVulnerabilityAssessmentScanRecordModel

Parameters: InputObject (ByValue)

String

Outputs

Microsoft.Azure.Commands.Sql.VulnerabilityAssessment.Model.DatabaseVulnerabilityAssessmentScanExportModel